Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/0twFMMswCw2HLQomM645bsitiF8.roa
File: 0twFMMswCw2HLQomM645bsitiF8.roa (raw, json)
Hash identifier: cAXRecv7O7GqRh4PkkaF0yNC6d/HqMJBthIFrBWS9w4=
Subject key identifier: D2:DC:05:30:CB:30:0B:0D:87:2D:0A:26:33:AE:39:6E:C8:AD:88:5F
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D2A82AD432562689D482D7AE7D11A5940
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/0twFMMswCw2HLQomM645bsitiF8.roa
Signing time: Thu 26 Mar 2026 14:18:20 +0000
ROA not before: Thu 26 Mar 2026 14:18:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 36617
IP address blocks: 81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 14:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:82:ad:43:25:62:68:9d:48:2d:7a:e7:d1:1a:59:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Mar 26 14:18:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d2dc0530cb300b0d872d0a2633ae396ec8ad885f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:b5:d1:58:51:ed:3a:94:3c:24:9d:2a:de:ee:
32:6a:28:c6:a8:76:c3:c5:cf:b9:be:c0:31:88:fb:
40:c5:b9:78:97:00:b4:ed:c8:5f:bf:a6:7b:69:c9:
62:6f:2c:a7:59:6d:35:32:02:71:1a:b9:94:64:50:
a4:86:9b:21:df:4e:c3:a9:5d:99:6e:bf:92:82:1b:
72:03:4d:73:9c:8b:e1:f6:58:ab:1f:3a:b6:44:eb:
e1:80:7d:a7:ff:27:23:bf:e6:e9:9b:fb:7e:c9:85:
fe:86:4d:8d:ed:f0:4a:e7:c9:0c:80:7d:5f:fd:14:
7a:92:04:c0:ba:9d:f7:13:4d:e8:c5:98:0d:ea:6d:
53:15:64:6b:b5:61:d7:14:f7:4b:79:54:65:3b:57:
76:98:bb:61:2f:ad:f2:75:54:0d:64:80:90:06:8b:
d3:e5:db:45:ab:bf:ab:d9:5b:9f:0d:4c:ff:49:8e:
56:dd:90:f3:c6:be:41:23:2d:69:36:64:5d:a5:b1:
50:f4:ab:e2:77:1f:94:91:fa:f6:a4:9e:c0:06:e6:
c4:32:58:51:95:04:be:7b:40:9c:f5:64:68:5e:ea:
06:06:37:3d:a8:16:07:3f:88:d1:49:fc:e5:e2:f6:
c3:8e:b4:94:f4:13:31:44:67:3f:4d:13:d3:01:25:
58:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:DC:05:30:CB:30:0B:0D:87:2D:0A:26:33:AE:39:6E:C8:AD:88:5F
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/0twFMMswCw2HLQomM645bsitiF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.195.30/31
185.100.0.0/24
Signature Algorithm: sha256WithRSAEncryption
12:17:a9:24:f5:d2:fc:eb:1c:85:d6:3b:d6:45:48:f7:46:6c:
50:09:be:78:36:8a:f3:53:9a:30:51:33:56:d0:16:9d:95:75:
5a:5f:de:55:50:30:b9:d3:9d:b6:26:29:88:e9:3d:49:34:d8:
48:5e:92:2e:12:4b:5a:2e:f2:40:3a:5d:e4:ac:dc:72:5e:66:
82:94:0a:0f:bc:76:a6:c1:95:7d:36:06:7e:e0:b7:34:de:12:
5e:8c:23:2e:d9:a0:3b:c2:22:55:61:73:ef:c9:17:d7:de:d0:
a6:c5:16:78:bd:ff:3c:3d:96:ba:6f:9b:b1:81:3d:f5:91:e3:
e3:f9:ea:b0:3f:81:0e:c7:78:27:1e:6a:5c:e4:16:8e:69:f9:
ed:b3:43:2d:c1:10:3d:47:ca:79:b0:28:17:a8:d1:6a:e3:6e:
8f:68:f7:58:b4:9d:e1:e7:17:12:36:de:ed:cd:3d:74:37:73:
c2:86:59:eb:16:5a:fc:6b:39:27:15:0a:76:42:26:e1:b9:32:
b8:2a:cc:17:c9:15:0e:c8:2a:b2:ea:8e:9d:29:cd:ea:32:a4:
27:56:68:3d:6e:84:5d:76:51:2c:9c:91:9e:f6:f3:d9:0d:21:
f4:db:a3:4d:ab:aa:6e:f8:71:65:4e:4c:45:51:82:b6:2c:3d:
0a:92:52:8e
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZ0qgq1DJWJonUgteufRGllAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwMzI2MTQxODIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmRjMDUzMGNiMzAwYjBkODcyZDBhMjYzM2FlMzk2ZWM4YWQ4ODVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrXRWFHtOpQ8JJ0q3u4yaijGqHbD
xc+5vsAxiPtAxbl4lwC07chfv6Z7aclibyynWW01MgJxGrmUZFCkhpsh307DqV2Z
br+SghtyA01znIvh9lirHzq2ROvhgH2n/ycjv+bpm/t+yYX+hk2N7fBK58kMgH1f
/RR6kgTAup33E03oxZgN6m1TFWRrtWHXFPdLeVRlO1d2mLthL63ydVQNZICQBovT
5dtFq7+r2VufDUz/SY5W3ZDzxr5BIy1pNmRdpbFQ9Kvidx+Ukfr2pJ7ABubEMlhR
lQS+e0Cc9WRoXuoGBjc9qBYHP4jRSfzl4vbDjrSU9BMxRGc/TRPTASVYKQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFNLcBTDLMAsNhy0KJjOuOW7IrYhfMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvMHR3Rk1Nc3dDdzJITFFvbU02NDVic2l0aUY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANAwUBURPDHgME
ALlkADANBgkqhkiG9w0BAQsFAAOCAQEAEhepJPXS/OschdY71kVI90ZsUAm+eDaK
81OaMFEzVtAWnZV1Wl/eVVAwudOdtiYpiOk9STTYSF6SLhJLWi7yQDpd5Kzccl5m
gpQKD7x2psGVfTYGfuC3NN4SXowjLtmgO8IiVWFz78kX197QpsUWeL3/PD2Wum+b
sYE99ZHj4/nqsD+BDsd4Jx5qXOQWjmn57bNDLcEQPUfKebAoF6jRauNuj2j3WLSd
4ecXEjbe7c09dDdzwoZZ6xZa/Gs5JxUKdkIm4bkyuCrMF8kVDsgqsuqOnSnN6jKk
J1ZoPW6EXXZRLJyRnvbz2Q0h9NujTauqbvhxZU5MRVGCtiw9CpJSjg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:49:52 2026 by rpki-client